Firewall Reporting at Application Level

My company is currently using Cisco ASA, but it lacks a lot of the reporting I'd like to see. I was wondering if anyone knew of a good open source firewall option that provided information and reporting on applications running on the network. I was looking at Sophos, but I haven't tried it yet. Thoughts/opinions?

I have used Sophos (both Firewall & AV) and have only good experience + found their service help to be excellent.
I started when I noticed the large firm I worked for was using it and I needed to change the one I was using and have no regrets!

pfSense has a Layer 7 filter that is highly customizable.
Untangle has a similar Layer 7 filter that has an easy to use GUI.

I prefer pfSense as it is BSD based so it uses a stateful packet filter whereas Untangle is Debian based and uses Netfilter which is not stateful. However, the GUI layer 7 filter on Untangle may be easier for some to manage.

When I install the Sophos client, I want their firewall to be installed instead of the built-in firewall. While MS has significantly improved the firewall over the years, the Sophos firewall has much more granularity and control. With policies, I can exercise different controls based on the user's position. I can control what ports, programs and processes, etc. are allowed.

The problem is that they are very slow in getting the firewall updated so that it will install on a new OS. In the case of W8, for example, it was only several months ago that it supported being installed. Having to depend on the built-in firewall makes my network more vulnerable.